New Search

Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session (2) zip (3) imap and (4) sqlite extensions; (5) stream filters; and the (6) str_replace (7) mail (8) ibase_delete_user (9) ibase_add_user and (10) ibase_modify_user functions. NOTE: vector 6 might actually be an integer overflow (CVE-2007-1885). NOTE: as of 20070411 vector (3) might involve the imap_mail_compose function (CVE-2007-1825).

oval:org.mitre.oval:def:8992

Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session (2) zip (3) imap and (4) sqlite extensions; (5) stream filters; and the (6) str_replace (7) mail (8) ibase_delete_user (9) ibase_add_user and (10) ibase_modify_user functions. NOTE: vector 6 might actually be an integer overflow (CVE-2007-1885). NOTE: as of 20070411 vector (3) might involve the imap_mail_compose function (CVE-2007-1825).

Family:
unix
Status:
ACCEPTED
Platform(s):
  • CentOS Linux 4
  • Oracle Linux 5
  • Oracle Linux 4
  • CentOS Linux 3
  • Red Hat Enterprise Linux 3
  • Red Hat Enterprise Linux 5
  • CentOS Linux 5
  • Red Hat Enterprise Linux 4
Class:
vulnerability
Reference(s):
  • CVE-2007-0906
Product(s):